[PATCH v3] xfs: fix possible overflow in xfs_ioc_trim()

Christoph Hellwig hch at infradead.org
Wed Sep 21 07:23:13 CDT 2011


On Wed, Sep 21, 2011 at 11:42:30AM +0200, Lukas Czerner wrote:
> In xfs_ioc_trim it is possible that computing the last allocation group
> to discard might overflow for big start & len values, because the result
> might be bigger than xfs_agnumber_t which is 32 bits long. Fix this by not
> allowing the start and end block of the range to be beyond the end of the
> file system.
> 
> Note that if the start is beyond the end of the file system we have to
> return -EINVAL, but in the "end" case we have to truncate it to the fs
> size.
> 
> Also introduce an "end" variable, rather than using start+len which
> might be more confusing to get right as this bug shows.
> 
> Signed-off-by: Lukas Czerner <lczerner at redhat.com>

Looks good,

Reviewed-by: Christoph Hellwig <hch at lst.de>
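
A simplified user-space model of the overflow and of the range check described in the quoted commit message, added here as an example; it is not the patch and not XFS code. `struct fs_geom`, the function names and the geometry values are constructed for illustration, and ranges are expressed in filesystem blocks.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t agnumber_t;      /* stands in for the 32-bit xfs_agnumber_t */

struct fs_geom {                  /* hypothetical geometry, in fs blocks */
    uint64_t dblocks;             /* total blocks in the file system */
    uint32_t agblocks;            /* blocks per allocation group */
};

/* Unchecked form: the last AG index is narrowed to 32 bits and can wrap. */
static agnumber_t last_ag_unchecked(const struct fs_geom *g,
                                    uint64_t start, uint64_t len)
{
    return (agnumber_t)((start + len) / g->agblocks);
}

/* Checked form: start past the end is -EINVAL, end is truncated to fs size. */
static int trim_ag_range(const struct fs_geom *g, uint64_t start, uint64_t len,
                         agnumber_t *first_ag, agnumber_t *last_ag)
{
    uint64_t end;                 /* inclusive last block of the range */

    if (start >= g->dblocks)
        return -EINVAL;
    if (len == 0)                 /* example choice: reject empty ranges */
        return -EINVAL;
    /* Compare len with the room left so start + len itself cannot wrap. */
    end = (len > g->dblocks - start) ? g->dblocks - 1 : start + len - 1;

    *first_ag = (agnumber_t)(start / g->agblocks);
    *last_ag = (agnumber_t)(end / g->agblocks);  /* bounded by the AG count */
    return 0;
}

int main(void)
{
    struct fs_geom g = { .dblocks = 4096, .agblocks = 1024 };  /* 4 AGs */
    uint64_t start = 2048, len = (1ULL << 42) - 1024;          /* constructed */
    agnumber_t first = 0, last = 0;

    printf("unchecked last AG: %u\n", (unsigned)last_ag_unchecked(&g, start, len));
    if (trim_ag_range(&g, start, len, &first, &last) == 0)
        printf("checked AG range: %u..%u\n", (unsigned)first, (unsigned)last);
    return 0;
}
```

With the constructed input the unchecked computation yields a last AG of 1 for a range that starts in AG 2, while the checked form returns the range 2..3.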



